DoD STIGs – V-32575


Title: The DBMS must support organizational requirements to employ automated patch management tools to facilitate flaw remediation to organization defined information system components.

Vulnerability ID: V-32575


IA Controls: None

Severity: low

Description: The organization (including any contractor to the organization) shall promptly install security-relevant software updates (e.g., patches, service packs, and hot fixes). Flaws discovered during security assessments, continuous monitoring, incident response activities, or information system error handling, shall also be addressed expeditiously. Due to information system integrity and availability concerns, organizations shall give careful consideration to the methodology used to carry out automatic updates.

Automated patch management can be useful in ensuring that appropriate patches are scheduled and applied to databases as required. DBAs often support multiple databases in different environments and with different classification levels. This can lead to confusion if patch management is not automated, leading to inconsistent patching.

Check Text: Review DBMS vendor documentation to determine whether the DBMS supports automated patch management. If the DBMS does not provide this functionality determine whether a third party product is being used for automated patch management. If the DBMS does not support automated patch management, and a third party product is not utilized to provide this functionality, this is a finding.

Fix Text: Utilize a DBMS product that supports automated patch management or implement a third party product to provide this functionality.


Interpreting V-32575:

Coming Soon!

Return to the DoD STIGs – Database Security Requirements Guide

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.